0

I have 2 servers. First web server another linux server. On web server I write php script which connected to linux server and run command after user input. And in this case command which executes on linux server not same. For ex.:

<input type="text" name="input">

....

$user_input = $_POST["input"]

....

if (!($stream = ssh2_exec($con, "cat $user_input | grep some_text"))) {
            echo "fail: unable to execute command\n";
        }

Now I must allow user only one command with changable variable. User can give only for ex. "cat" and "grep" commands , but "$user_input" changes every time. Is there any way to solve situation?

Javid
  • 47
  • 2
  • 8
  • do you need to limit the number of commands to only one, or do you need to limit to one specific command? – The Bndr Apr 29 '15 at 07:19
  • I need limit one specific command. But in this command some part (variable) is changable every command execution. Restriction must be configured on linux server. like no-login shell or etc. – Javid Apr 29 '15 at 07:24
  • I was update post. Perhaps now more than clear that I am referring to. – Javid Apr 29 '15 at 10:14

2 Answers2

0

Depending on your code...

cat $user_input | grep some_text

...you probably need to limit the user input to one specific path to an file or/and maybe included with some additional cat parameters.

In this case, you have to "burn" the one and only command in your source code and clean up / validate the user input to avoid injection of other commands, like:

$user_input = "/dev/null; rm -rf /"

In this case, you should build multi-step-validation to check different aspects of the user input to find out, if this is really an path. For example some regular expressions, to check, if this is an typical path syntax. You also can try pathinfo() as a part of your validation to see, if there is some valid output. Finally it's very hard, to get an 100% secure chack, if the user-input contains only a file name.

Look here: Determine via C# whether a string is a valid file path

Community
  • 1
  • 1
The Bndr
  • 13,204
  • 16
  • 68
  • 107
  • Thanks for response. But maybe you don't understand question. I need limit command execution for linux user which use to connect to linux server. The user can give only one command on linux server. But in this command exist variable which defined in php script. – Javid Apr 29 '15 at 07:53
0

The only reliable (and relatively secure) way I'm aware of is to do it via command templates.

Concept. The web front-end doesn't allow arbitrary commands. Instead it provides a list of possible command templates with checked/typed parameters. In the web interface, user can choose template and specify parameters. The chosen template and parameters are then passed to the back-end, encapsulated (e.g. in validated XML). The back-end first verifies that the parameters supplied by user fit the template, then composes the command and only then executes it.

For example, using your code snippet, possible template specification might look like:

grep-file ::= cat <local-readable-file> | grep <safe-text>

For the local-readable-file parameter check might be, for example, that the file name contains only safe characters, the file is regular, is on local file system, is readable by anybody. For the safe-text, for example, that it does contain only alphanumeric characters.

Dummy00001
  • 16,630
  • 5
  • 41
  • 63